<?php

	// Bootstrap: response header, error reporting, shared includes and theme templates.
	header('Cache-control: private');

	// NOTE(review): notices and warnings are reported here; if display_errors is on in
	// production they end up in the page — confirm the deployment's ini settings.
	error_reporting(E_NOTICE | E_PARSE | E_WARNING | E_ERROR);

	include 'includes/config.inc.php';
	include 'includes/db.inc.php';
	// NOTE(review): $language and $theme are not assigned in this file — presumably set by
	// config.inc.php. They build include/file paths, so confirm request data cannot reach them.
	include "language/language.{$language}.php";
	include 'includes/functions.inc.php';

	// Theme fragments are loaded as plain strings and stitched together per response.
	$hdr     = file_get_contents("themes/{$theme}/header.theme.html");
	$regform = file_get_contents("themes/{$theme}/registration.theme.html");
	$recform = file_get_contents("themes/{$theme}/recover_pw.theme.html");
	$resform = file_get_contents("themes/{$theme}/resend_verification_email.theme.html");
	$ftr     = file_get_contents("themes/{$theme}/footer.theme.html");

	// Passed to recaptcha_get_html() when the registration form is rendered.
	$error = '';

	

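	// Secondary actions: ?act=resend (re-send the verification mail) and ?act=recover
	// (password recovery). Whenever act is present the request ends inside this block.
	if (isset($_GET['act']) && !empty($_GET['act'])){
		// act is only compared against the fixed labels below; a non-string value
		// (an array parameter) is treated as an unknown action.
		$act = is_string($_GET['act']) ? htmlspecialchars($_GET['act'],ENT_QUOTES) : '';
		switch($act){
			case 'resend':
				if ($_SERVER['REQUEST_METHOD'] != 'POST'){
					// Plain visit: show the empty form.
					echo PAGE_PROCESSING($hdr.$resform.$ftr);
				}elseif (!(isset($_POST['email']) && is_string($_POST['email']) && !empty($_POST['email']))){
					echo PAGE_PROCESSING($hdr.$resform.$ftr,$regmsg16);
				}else{
					$mmail = htmlspecialchars($_POST['email'],ENT_QUOTES);
					if (!validEmail($mmail)){
						echo PAGE_PROCESSING($hdr.$resform.$ftr,$regmsg2);
					}else{
						// htmlspecialchars() is HTML output encoding and leaves the backslash
						// untouched, so it is no substitute for SQL escaping: escape for the query here.
						$sql = 'SELECT VERID FROM users_waiting WHERE EMAIL = "'.mysql_real_escape_string($mmail).'" LIMIT 1';
						// NOTE(review): die(mysql_error()) sends the raw database error to the
						// client; consider logging it and showing a generic message instead.
						$result = mysql_query($sql) or die(mysql_error());
						if (mysql_num_rows($result) > 0){
							$row = mysql_fetch_array($result);
							if (regEmail($mmail,$row['VERID'])){
								echo PAGE_PROCESSING($hdr.$regmsg8.$ftr);
							}else{
								echo PAGE_PROCESSING($hdr.$resform.$ftr,$regmsg20);
							}
						}else{
							// NOTE(review): a different message for an unknown address lets a client
							// tell whether an address is pending — confirm that is acceptable.
							echo PAGE_PROCESSING($hdr.$resform.$ftr,$regmsg19);
						}
					}
				}
				break;
			case 'recover':
				if ($_SERVER['REQUEST_METHOD'] != 'POST'){
					// Plain visit: show the empty form.
					echo PAGE_PROCESSING($hdr.$recform.$ftr);
				}elseif (!(isset($_POST['email']) && is_string($_POST['email']) && !empty($_POST['email']))){
					echo PAGE_PROCESSING($hdr.$recform.$ftr,$regmsg16);
				}else{
					$mmail = htmlspecialchars($_POST['email'],ENT_QUOTES);
					if (!validEmail($mmail)){
						echo PAGE_PROCESSING($hdr.$recform.$ftr,$regmsg2);
					}elseif (recoverPW($mmail)){
						echo PAGE_PROCESSING($hdr.$regmsg17.$ftr);
					}else{
						// recoverPW() returns false both for an unknown address and for a failed mail().
						echo PAGE_PROCESSING($hdr.$recform.$ftr, $regmsg18);
					}
				}
				break;
		}
		// Unknown actions produce no output; the registration flow below never runs for ?act=...
		exit(0);
	}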

		

	

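	// Main registration flow: a POST submits the form, any other method renders it.
	if ($_SERVER['REQUEST_METHOD'] == 'POST'){
		if($enable_recaptcha == 1){
			require_once('includes/recaptchalib.php');
			// Absent captcha fields are passed on as null (what the undefined index
			// evaluated to before) without raising a notice.
			$recaptcha_challenge = isset($_POST["recaptcha_challenge_field"]) ? $_POST["recaptcha_challenge_field"] : null;
			$recaptcha_response = isset($_POST["recaptcha_response_field"]) ? $_POST["recaptcha_response_field"] : null;
			$resp = recaptcha_check_answer ($recaptcha_private_key,$_SERVER["REMOTE_ADDR"],$recaptcha_challenge,$recaptcha_response);
			$captcha_ok = $resp->is_valid ? 1 : 0;
		}else{
			$captcha_ok = 1;
		}
		// username and email are mandatory and must be plain strings (not array parameters).
		if(isset($_POST['username']) && is_string($_POST['username']) && !empty($_POST['username']) && isset($_POST['email']) && is_string($_POST['email']) && !empty($_POST['email'])){
			// Values are HTML-encoded on the way in, as before. That is output encoding only;
			// it does not make them safe to concatenate into SQL.
			$username 	= htmlspecialchars($_POST['username'],ENT_QUOTES);
			$firstname	= (isset($_POST['firstname']) && is_string($_POST['firstname'])) ? htmlspecialchars($_POST['firstname'],ENT_QUOTES) : '';
			$lastname	= (isset($_POST['lastname']) && is_string($_POST['lastname'])) ? htmlspecialchars($_POST['lastname'],ENT_QUOTES) : '';
			$mmail		= htmlspecialchars($_POST['email'],ENT_QUOTES);
			$state		= (isset($_POST['state']) && is_string($_POST['state'])) ? htmlspecialchars($_POST['state'],ENT_QUOTES) : '';
			// Each check runs only if every previous one passed; the first failure picks the message.
			if ($captcha_ok != 1) {
				echo PAGE_PROCESSING($hdr.$regmsg9.$ftr);
			}elseif (!validEmail($mmail)){
				echo PAGE_PROCESSING($hdr.$regmsg2.$ftr,$regmsg2);
			}elseif (!waitingEmail($mmail)){
				echo PAGE_PROCESSING($hdr.$regmsg3.$ftr,$regmsg3);	
			}elseif (!registeredEmail($mmail)){
				echo PAGE_PROCESSING($hdr.$regmsg4.$ftr,$regmsg4);
			}elseif (!((strlen($username) >= $username_length_min) && (strlen($username) <= $username_length_max) && !preg_match('/[^a-zA-Z0-9\.]/', $username))){
				// The length/charset check now runs before the username lookups, so only
				// names made of [a-zA-Z0-9.] are ever handed to the database helpers.
				echo PAGE_PROCESSING($hdr.$regmsg21.$ftr,$regmsg6);
			}elseif (!waitingUsername($username)){
				echo PAGE_PROCESSING($hdr.$regmsg5.$ftr,$regmsg5);
			}elseif (!registeredUsername($username)){
				echo PAGE_PROCESSING($hdr.$regmsg6.$ftr,$regmsg6);
			}elseif (PUT_USER_IN_WAITING($username,$firstname,$lastname,$mmail,$state,GET_A_REG_KEY())){
				echo PAGE_PROCESSING($hdr.$regmsg8.$ftr);
			}else{
				echo PAGE_PROCESSING($hdr.$regmsg7.$ftr,$regmsg7);
			}
		}else{
			echo PAGE_PROCESSING($hdr.$regmsg1.$ftr);
		}
	}else{
		// Render the form; the %RECAPTCHA% placeholder becomes the widget or disappears.
		if($enable_recaptcha == 1){
			require_once('includes/recaptchalib.php');
			$regform = str_replace('%RECAPTCHA%',recaptcha_get_html($recaptcha_public_key, $error),$regform);
		}else{
			$regform = str_replace('%RECAPTCHA%','',$regform);
		}
		echo PAGE_PROCESSING($hdr.$regform.$ftr); 
	}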



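/**
 * Resets the password of the account registered under $rcpt and mails the new one.
 *
 * The new password is six characters cut from GET_A_REG_KEY(); its md5() is stored
 * in users.PASSWORD and the clear text is sent in an HTML mail.
 *
 * @param string $rcpt E-mail address; also used as the mail recipient.
 * @return bool true when the account exists and mail() accepted the message,
 *              false when no account matches or mail() failed.
 */
function recoverPW($rcpt){
	// Not all of these are read directly below; they stay declared because the language
	// file included next runs in this function's scope and may reference them.
	global $url;
	global $sitename;
	global $site_email_address;
	global $language;

	include("language/language.".$language.".php");

	// Escape once and reuse: callers only HTML-encode the address, which is not SQL escaping.
	$rcpt_sql = mysql_real_escape_string($rcpt);
	$sql = 'SELECT * FROM users WHERE EMAIL = "'.$rcpt_sql.'" LIMIT 1';
	// NOTE(review): die(mysql_error()) sends the raw database error to the client;
	// consider logging it and showing a generic message instead.
	$result = mysql_query($sql) or die(mysql_error());
	if (mysql_num_rows($result) < 1) {
		return false;
	}

	// NOTE(review): the password is replaced as soon as an address is submitted, before any
	// confirmation by the account owner, and before it is known whether the mail goes out.
	// NOTE(review): six hex characters hashed with unsalted md5() is weak; changing the
	// scheme needs a matching change wherever the password is verified (not in this file).
	$newpw = GET_A_REG_KEY();
	$newpw = substr($newpw, 2, 6);
	$sql = 'UPDATE users SET PASSWORD = "'.md5($newpw).'" WHERE EMAIL = "'.$rcpt_sql.'" LIMIT 1';
	mysql_query($sql) or die(mysql_error());

	$headers = "From: ".$site_email_address."\n"; // From address
	$headers .= "Reply-To: ".$site_email_address."\n"; // Reply-to address
	$headers .= "Organization: ".stripslashes($sitename)."\n"; // Organisation
	$headers .= "Content-Type: text/html; charset=iso-8859-1\n"; // Type
	$subj = stripslashes($sitename)." ".$regmsg12;
	$letter = file_get_contents('letters/recover_pw_reply.letter.html');
	// $rcpt goes into the HTML body as-is; callers in this file pass it HTML-encoded.
	$regmsg = $regmsg13.'<strong>'.$rcpt.'</strong><br />'."\n\n\t\t".$regmsg14.' <strong>'.$newpw.'</strong><br /><br />'.$regmsg15;
	$regmsg = $letter.$regmsg;

	return mail($rcpt, $subj, $regmsg, $headers) ? true : false;
}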



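/**
 * Stores a pending registration in users_waiting and sends the verification mail.
 *
 * @param string $uname  Username.
 * @param string $fname  First name.
 * @param string $lname  Last name.
 * @param string $maile  E-mail address; also the mail recipient.
 * @param string $estate State.
 * @param string $wid    Verification id stored as VERID and put into the confirmation link.
 * @return bool Result of regEmail(); the row stays inserted even when the mail fails.
 */
function PUT_USER_IN_WAITING($uname,$fname='',$lname='',$maile,$estate='',$wid){
	// Every value is escaped for the query. The caller only HTML-encodes them, and
	// htmlspecialchars() leaves the backslash untouched, so it is not SQL escaping.
	$sql = 'INSERT INTO users_waiting (USERNAME,LASTNAME,FIRSTNAME,EMAIL,STATE,SIGNDATE,VERID) VALUES ("'
		.mysql_real_escape_string($uname).'","'
		.mysql_real_escape_string($lname).'","'
		.mysql_real_escape_string($fname).'","'
		.mysql_real_escape_string($maile).'","'
		.mysql_real_escape_string($estate).'",NOW(),"'
		.mysql_real_escape_string($wid).'")';
	// NOTE(review): die(mysql_error()) sends the raw database error to the client;
	// consider logging it and showing a generic message instead.
	mysql_query($sql) or die(mysql_error());

	return regEmail($maile,$wid) ? true : false;
}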



/**
 * Sends the registration verification mail containing the confirm.php?token= link.
 *
 * @param string $rcpt Recipient address, used as the To address as-is; the callers in
 *                     this file run it through validEmail() first.
 * @param string $ssid Verification token appended to the confirmation URL.
 * @return bool true when mail() accepted the message, false otherwise.
 */
function regEmail($rcpt,$ssid){
	// Kept in scope for the language file included below, which runs inside this
	// function and may reference them.
	global $url, $sitename, $site_email_address, $language;

	include 'language/language.'.$language.'.php';

	$headerLines = array(
		"From: ".$site_email_address,               // From address
		"Reply-To: ".$site_email_address,           // Reply-to address
		"Organization: ".stripslashes($sitename),   // Organisation
		"Content-Type: text/html; charset=iso-8859-1", // Type
	);
	$headers = implode("\n", $headerLines)."\n";

	$subject = stripslashes($sitename).$regmsg11;
	$template = file_get_contents('letters/registration_reply.letter.html');

	// The same URL is used as link target and as link text.
	$confirmLink = $url.'confirm.php?token='.$ssid;
	$body = $template."\n\n\t".'<a href="'.$confirmLink.'">'.$confirmLink.'</a>'.$regmsg10;

	return mail($rcpt, $subject, $body, $headers) ? true : false;
}



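/**
 * Returns a 32-character lowercase hex token.
 *
 * The value is used as the e-mail verification id and as the source of recovery
 * passwords, so it must not be guessable: md5(microtime()) depends only on the
 * server clock. The token is now taken from a cryptographic random source where
 * the runtime offers one; length and alphabet are unchanged.
 *
 * @return string 32 hex characters.
 */
function GET_A_REG_KEY(){
	// 16 random bytes encode to 32 hex characters, the same shape md5() produced.
	if (function_exists('random_bytes')){
		return bin2hex(random_bytes(16));
	}
	if (function_exists('openssl_random_pseudo_bytes')){
		$strong = false;
		$bytes = openssl_random_pseudo_bytes(16, $strong);
		if ($bytes !== false && $strong){
			return bin2hex($bytes);
		}
	}
	// Last resort on runtimes with neither source. This is NOT unpredictable;
	// such installations should enable one of the functions above.
	return md5(uniqid(mt_rand(), true).microtime());
}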



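/**
 * Checks that an e-mail address is still free in the users table.
 *
 * Despite the name, the result is true when NO user has the address.
 *
 * @param string $email Address to look up.
 * @return bool true when no row matches, false when the address is already registered.
 */
function registeredEmail($email){
	// Escaped for the query: the caller's htmlspecialchars() is not SQL escaping.
	$sql = 'SELECT * FROM users WHERE users.EMAIL = "'.mysql_real_escape_string($email).'" LIMIT 1';
	// NOTE(review): die(mysql_error()) exposes the raw database error to the client.
	$result = mysql_query($sql) or die(mysql_error());

	return !(mysql_num_rows($result) > 0);
}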



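/**
 * Checks that a username is still free in the users table.
 *
 * Despite the name, the result is true when NO user has the username.
 *
 * @param string $uname Username to look up.
 * @return bool true when no row matches, false when the username is already registered.
 */
function registeredUsername($uname){
	// Escaped for the query: the caller's htmlspecialchars() is not SQL escaping.
	$sql = 'SELECT * FROM users WHERE users.USERNAME = "'.mysql_real_escape_string($uname).'" LIMIT 1';
	// NOTE(review): die(mysql_error()) exposes the raw database error to the client.
	$result = mysql_query($sql) or die(mysql_error());

	return !(mysql_num_rows($result) > 0);
}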



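/**
 * Checks that an e-mail address has no pending registration in users_waiting.
 *
 * Despite the name, the result is true when the address is NOT waiting.
 *
 * @param string $email Address to look up.
 * @return bool true when no row matches, false when a pending registration exists.
 */
function waitingEmail($email){
	// Escaped for the query: the caller's htmlspecialchars() is not SQL escaping.
	$sql = 'SELECT * FROM users_waiting WHERE users_waiting.EMAIL = "'.mysql_real_escape_string($email).'" LIMIT 1';
	// NOTE(review): die(mysql_error()) exposes the raw database error to the client.
	$result = mysql_query($sql) or die(mysql_error());

	return !(mysql_num_rows($result) > 0);
}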



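/**
 * Checks that a username has no pending registration in users_waiting.
 *
 * Despite the name, the result is true when the username is NOT waiting.
 *
 * @param string $uname Username to look up.
 * @return bool true when no row matches, false when a pending registration exists.
 */
function waitingUsername($uname){
	// Escaped for the query: the caller's htmlspecialchars() is not SQL escaping.
	$sql = 'SELECT * FROM users_waiting WHERE users_waiting.USERNAME = "'.mysql_real_escape_string($uname).'" LIMIT 1';
	// NOTE(review): die(mysql_error()) exposes the raw database error to the client.
	$result = mysql_query($sql) or die(mysql_error());

	return !(mysql_num_rows($result) > 0);
}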



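/**
 * Validates the syntax of an e-mail address and checks that its domain resolves.
 *
 * Syntax rules: the last "@" splits local part and domain; local part 1-64 bytes,
 * domain 1-255 bytes; no leading/trailing dot and no ".." in the local part; the
 * domain is limited to letters, digits, "-" and "." with no ".."; the local part
 * must match either the unquoted or the quoted pattern below.
 *
 * The result is used as a mail() recipient and in SQL lookups, so control
 * characters are rejected outright. Without that, the "$" anchors in the patterns
 * accept a trailing newline and the quoted form accepts embedded line breaks.
 *
 * @param string $email Address to check.
 * @return bool true only when the syntax is valid AND the domain has an MX or A
 *              record. The DNS step needs a working resolver and can be slow.
 */
function validEmail($email){
   // CR, LF, NUL and other control bytes never belong in an address that ends up in mail headers.
   if (!is_string($email) || preg_match('/[\x00-\x1F\x7F]/', $email)){
      return false;
   }

   $atIndex = strrpos($email, "@");
   if ($atIndex === false){
      return false;
   }

   $domain = substr($email, $atIndex+1);
   $local = substr($email, 0, $atIndex);
   $localLen = strlen($local);
   $domainLen = strlen($domain);

   if ($localLen < 1 || $localLen > 64){
      return false;
   }
   if ($domainLen < 1 || $domainLen > 255){
      return false;
   }
   if ($local[0] == '.' || $local[$localLen-1] == '.'){
      return false;
   }
   if (preg_match('/\\.\\./', $local)){
      return false;
   }
   if (!preg_match('/^[A-Za-z0-9\\-\\.]+$/', $domain)){
      return false;
   }
   if (preg_match('/\\.\\./', $domain)){
      return false;
   }

   // Doubled backslashes are dropped first, then the local part must be either a run of
   // allowed/escaped characters or a double-quoted string.
   $unescaped = str_replace("\\\\","",$local);
   if (!preg_match('/^(\\\\.|[A-Za-z0-9!#%&`_=\\/$\'*+?^{}|~.-])+$/',$unescaped)
      && !preg_match('/^"(\\\\"|[^"])+"$/',$unescaped)){
      return false;
   }

   // Syntax is fine: the domain must still resolve to a mail exchanger or a host.
   return checkdnsrr($domain,"MX") || checkdnsrr($domain,"A");
}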



?>